[23:23]<vrgfuysx>Apachez: still does not zero chain [23:23]<srggd>so which file do you mean? [23:24]<vrgfuysx>Apachez: basically what i'm seeing is, empty chain, -Z has no effect. put a rule in the chain, -Z works [23:25]<vrgfuysx>actually no, it still doesn't work [23:25]<vrgfuysx>:( [23:25]<vrgfuysx>here [23:25]<vrgfuysx>iptables -vL INPUT [23:25]<vrgfuysx>Chain INPUT (policy ACCEPT 213 packets, 15836 bytes) [23:26]<vrgfuysx>iptables -Z INPUT [23:26]<czlcyzc>sanny: using debian are we :) [23:26]<vrgfuysx>iptables -vL INPUT [23:26]<vrgfuysx>Chain INPUT (policy ACCEPT 233 packets, 17020 bytes) [23:26]<vrgfuysx>whats going on [23:26]<srggd>no centos [23:26]<srggd>and i thought i had firewall fixed up [23:26]<srggd>seems i dont [23:27]<czlcyzc>sanny: its problery a script which saves the firewall script to a file somewhere problery /var/something [23:27]<czlcyzc>look in the saved file a line 22 [23:32]<vrgfuysx>Apachez: any ideas? [23:32]<czlcyzc>does anyone know if its possible to have a firewall box with internal lan (non routable ips) and another interface with /29 routable ips for dmz? [23:33]<czlcyzc>i have eth0=isp eth1=LAN eth2=dmz and my LAN works but i cant really get traffic to flow to eth2 [23:38]<rlraxne>vanquish: not other than perhaps you are seeing packets that went since you performed the -Z ? [23:38]<rlraxne>i mean i have something like 8-9000 packets/s over here [23:39]<vrgfuysx>Apachez: nope, counter hasn't increased at all since the last -vL [23:39]<vrgfuysx>Apachez: it's definitely the zero thats not clearning [23:40]<rlraxne>then i have no idea [23:40]<rlraxne>using latest versions etc ? [23:47]<vrgfuysx>yep [23:47]<vrgfuysx>tested it against 2 actually [23:47]<vrgfuysx>its very strange
